SOC Analyst

Course Description

SOC analysts are generally part of a large security operations team. The SOC analyst role is the last line of defense against cybercriminals. Without them, hackers and other cyber criminals may never be found.

SOC analysts work alongside with cybersecurity engineers and security managers and most likely report to a chief information security officer (CISO).

A SOC analyst must have a steady and unshakable eye for detail, as they have to monitor many things at once. They must watch and respond to a number of threats, and there may be different levels of responsibilities depending on how big the company is and how many SOC analyst’s it employs. From monitoring to reacting, a SOC analyst’s day is rarely the same from one to the next.

Target Audience

• SOC Analysts
• Network and Security Administrators, Network and Security Engineers, Network Defense Analyst, Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations
• Cybersecurity Analyst
• Entry-level cybersecurity professionals
• Anyone who wants to become a SOC Analyst.

SOC Analyst Course Outline:

SECTION 1

• Basics of Networks
• OSI Model & TCP IP Protocol Suite
• Types of Network Device & Working
• Types of Network Security Device & Working

SECTION 2

• Bit, Bytes and Hexadecimal Representation
• MAC & IP Address
• Network Address Translation
• Port Address Translation
• Wireshark & Tshark

SECTION 3

• IP Protocol and IP header
• IP header fields
• Transport layer and Transport protocols
• TCP Header Fields
• Cyber Attacks on Internet & Transport Layer

SECTION 4

• UDP Protocol & UDP Header
• UDP Header Fields
• ICMP Protocol and ICMP Header
• ICMP Header Fields
• Cyber-attacks with UDP & ICMP Protocol

SECTION 5

• Protocols and Ports
• ARP Protocol
• Client Server Model
• HTTP Service
• DHCP
• DNS
• Basics of FTP, Telnet, SSH, SMTP 2

SECTION 6

• Cyber Attack & Prevention for DNS Zone Transfer
• Cyber Attack & Prevention for Host Discovery Attack
• Cyber Attack & Prevention for Port Scanning
• Cyber Attacks & Prevention for VA Scanning
• Cyber Attacks & Prevention for ARP Poisoning
• Cyber Attacks & Prevention for DDOS Attacks

SECTION 7

• Workgroup & Domain
• Cryptography
• Windows password
• Authentication Protocol
• Basics of Linux
• Windows & Linux Logs

SECTION 8

• Exploitation
• Malware
• Brute Force attack

SECTION 9

• Brute-Force Attack for Single Account
• Brute-Force Attack for multiple user account
• Privilege escalation
• Phishing Attack & Prevention
• Multiple Geo-Location Access for User Account
• Malware and C&C Callback Detection & Prevention
• Zero-day attack & Patch Management

SECTION 10

• Web Application Introduction
• Web Application Working

SECTION 11

• Web Application Attack
• Poodle Attack
• Heart Bleed Attack
• Shellshock Attack

SECTION 12

• SQL injection Attack & Remediation
• XSS Attack & Remediation
• CSRF Attack & Remediation

SECTION 13

• Endpoint Protection

SECTION 14

• Working, Detection & Evasion from NIPS

SECTION 15

• Firewall Working, Types and Reporting

SECTION 16

• SIEM Installation
• Logs Forwarding to SIEM
• Threat Hunting On SIEM
• Dashboard Creation On SIEM